diff options
author | Madelyn Olson <matolson@amazon.com> | 2019-09-17 03:32:35 -0700 |
---|---|---|
committer | antirez <antirez@gmail.com> | 2019-09-30 17:57:49 +0200 |
commit | ea7c3fe7fd6d269e1e09443db3e2148cb445febb (patch) | |
tree | 5f256ae1cc13da8410c35e6adc30da3f202852eb /tests | |
parent | eb2114b9cda51272ab99b4fd8aa280e8e467d7c5 (diff) | |
download | redis-ea7c3fe7fd6d269e1e09443db3e2148cb445febb.tar.gz |
Allowed passing in of password hash and fixed config rewrite
Diffstat (limited to 'tests')
-rw-r--r-- | tests/support/test.tcl | 6 | ||||
-rw-r--r-- | tests/unit/acl.tcl | 22 |
2 files changed, 27 insertions, 1 deletions
diff --git a/tests/support/test.tcl b/tests/support/test.tcl index 6f02f2f12..2646acecd 100644 --- a/tests/support/test.tcl +++ b/tests/support/test.tcl @@ -15,6 +15,12 @@ proc assert {condition} { } } +proc assert_no_match {pattern value} { + if {[string match $pattern $value]} { + error "assertion:Expected '$value' to not match '$pattern'" + } +} + proc assert_match {pattern value} { if {![string match $pattern $value]} { error "assertion:Expected '$value' to match '$pattern'" diff --git a/tests/unit/acl.tcl b/tests/unit/acl.tcl index 058441433..d3b721205 100644 --- a/tests/unit/acl.tcl +++ b/tests/unit/acl.tcl @@ -35,6 +35,26 @@ start_server {tags {"acl"}} { set e } {*WRONGPASS*} + test {Test password hashes can be added} { + r ACL setuser newuser #34344e4d60c2b6d639b7bd22e18f2b0b91bc34bf0ac5f9952744435093cfb4e6 + catch {r AUTH newuser passwd4} e + assert {$e eq "OK"} + } + + test {Test password hashes validate input} { + # Validate Length + catch {r ACL setuser newuser #34344e4d60c2b6d639b7bd22e18f2b0b91bc34bf0ac5f9952744435093cfb4e} e + # Validate character outside set + catch {r ACL setuser newuser #34344e4d60c2b6d639b7bd22e18f2b0b91bc34bf0ac5f9952744435093cfb4eq} e + set e + } {*Error in ACL SETUSER modifier*} + + test {ACL GETUSER returns the password hash instead of the actual password} { + set passstr [dict get [r ACL getuser newuser] passwords] + assert_match {*34344e4d60c2b6d639b7bd22e18f2b0b91bc34bf0ac5f9952744435093cfb4e6*} $passstr + assert_no_match {*passwd4*} $passstr + } + test {By default users are not able to access any command} { catch {r SET foo bar} e set e @@ -67,7 +87,7 @@ start_server {tags {"acl"}} { set e } {*NOPERM*} - test {ACLs can include or excluse whole classes of commands} { + test {ACLs can include or exclude whole classes of commands} { r ACL setuser newuser -@all +@set +acl r SADD myset a b c; # Should not raise an error r ACL setuser newuser +@all -@string |